본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7856 | Helpcom arbitrary command execution vulnerability2021.04.16
□ Overview
 o Cnesty released security update to address file download vulnerability in Helpcom.

□ Description
 o A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation(CVE-2020-7856).
 
□ Affected Product
Product Version
Helpcom Previous version of 10.0
 
□ Solution
 o Update latest version(11.2020) of Helpcom

□ Acknowledgements
 o Thanks to Jeongun Baek for reporting this vulnerability


□ 작성 : 침해사고분석단 취약점분석팀